Yesterday, cyber criminals breached the Sri Lankan finance ministry’s computer system. They successfully siphoned off $2.5 million. Consequently, this incident marks the largest cash theft by hackers from a state institution in the country. This cyber attack delivers a massive blow to Sri Lanka. Currently, the nation is still recovering from a crippling 2022 economic crisis. During that period, Colombo defaulted on its massive $46 billion external debt.
The hackers specifically targeted the Public Debt Management Office (PDMO). Initially, authorities detected an attempted breach of the ministry’s e-mail server. Upon immediate investigation, they discovered the missing $2.5 million. Originally, the government allocated this money as a scheduled debt repayment to Australia. Harshana Suriyapperuma, the finance ministry secretary, confirmed these details to reporters in the capital. As a direct result of the breach, the government suspended four senior PDMO officers.
Ongoing Investigations & International Aid
Presently, criminal investigators are actively examining the cyber attack. Moreover, Sri Lankan authorities have officially requested assistance from foreign law enforcement agencies. Suriyapperuma declined to provide further details during this active probe.
Meanwhile, Australia is actively stepping in to help. Matthew Duckworth, Australia’s High Commissioner in Sri Lanka, addressed the situation on X. He confirmed that Canberra noticed the payment irregularities. Therefore, Australian officials are closely coordinating with and assisting Sri Lankan investigators. Furthermore, Duckworth reiterated Australia’s ongoing commitment to supporting Sri Lanka’s return to debt sustainability.
Context of the Cyber Breach in Sri Lanka
Interestingly, Sri Lanka only recently established the PDMO. The government launched this office earlier this year. This strategic move aligned directly with an IMF-backed $2.9 billion bailout loan secured in early 2023.
Ironically, this major government hack follows recent public warnings. Earlier this year, the central bank and the finance ministry launched a widespread advertising blitz in local newspapers. They actively warned citizens to avoid falling prey to cyber scams. Now, the state itself has suffered a record-breaking breach.
